A crasher due to lacking 'template' node in XFA file
authorJun Fang <jun_fang@foxitsoftware.com>
Wed, 28 Oct 2015 10:36:28 +0000 (18:36 +0800)
committerJun Fang <jun_fang@foxitsoftware.com>
Wed, 28 Oct 2015 10:36:28 +0000 (18:36 +0800)
A template node is mandatory in XFA file. Pdfium should
ignore processing it when no template node is found in
XFA file.

BUG=pdfium:216
R=tsepez@chromium.org

Review URL: https://codereview.chromium.org/1423903002 .

BUILD.gn
pdfium.gyp
testing/resources/bug_216.in [new file with mode: 0644]
testing/resources/bug_216.pdf [new file with mode: 0644]
xfa/src/fxfa/src/parser/xfa_parser_imp.cpp
xfa/src/fxfa/src/parser/xfa_parser_imp_embeddertest.cpp [new file with mode: 0644]

index fcba1f1..1ab969a 100644 (file)
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -1512,6 +1512,7 @@ test("pdfium_embeddertests") {
     "testing/embedder_test.h",
     "testing/embedder_test_mock_delegate.h",
     "testing/embedder_test_timer_handling_delegate.h",
+    "xfa/src/fxfa/src/parser/xfa_parser_imp_embeddertest.cpp",
   ]
   deps = [
     "//testing/gmock",
index 3d35cab..991dac4 100644 (file)
         'testing/embedder_test.h',
         'testing/embedder_test_mock_delegate.h',
         'testing/embedder_test_timer_handling_delegate.h',
+        'xfa/src/fxfa/src/parser/xfa_parser_imp_embeddertest.cpp',
       ],
       'conditions': [
         ['pdf_enable_v8==1', {
diff --git a/testing/resources/bug_216.in b/testing/resources/bug_216.in
new file mode 100644 (file)
index 0000000..1ecd862
--- /dev/null
@@ -0,0 +1,39 @@
+{{header}}
+{{object 1 0}} <<
+  /Type /Catalog
+  /Pages 2 0 R
+  /AcroForm 4 0 R
+>>
+endobj
+{{object 2 0}} <<
+  /Type /Pages
+  /Count 1
+>>
+endobj
+{{object 4 0}} <<
+  /XFA [
+    (xdp:xdp) 23 0 R
+    (form) 29 0 R
+    (</xdp:xdp>) 30 0 R]
+>>
+endobj
+{{object 23 0}} <<
+>>stream
+<?xml version="1.0" encoding="UTF-8"?>
+<xdp:xdp xmlns:xdp="http://www.foxitsoftware.com/">
+endstream
+endobj
+{{object 29 0}} <<
+>>stream
+<form xmlns="http://www.xfa.org/schema/xfa-form/2.6/">
+</form>
+endstream
+endobj
+{{object 30 0}} <<
+>>stream
+</xdp:xdp>
+endstream
+endobj
+trailer
+<</Root 1 0 R>>
+%%EOF
diff --git a/testing/resources/bug_216.pdf b/testing/resources/bug_216.pdf
new file mode 100644 (file)
index 0000000..2d59872
--- /dev/null
@@ -0,0 +1,40 @@
+%PDF-1.7
+% ò¤ô
+1 0 obj <<
+  /Type /Catalog
+  /Pages 2 0 R
+  /AcroForm 4 0 R
+>>
+endobj
+2 0 obj <<
+  /Type /Pages
+  /Count 1
+>>
+endobj
+4 0 obj <<
+  /XFA [
+    (xdp:xdp) 23 0 R
+    (form) 29 0 R
+    (</xdp:xdp>) 30 0 R]
+>>
+endobj
+23 0 obj <<
+>>stream
+<?xml version="1.0" encoding="UTF-8"?>
+<xdp:xdp xmlns:xdp="http://www.foxitsoftware.com/">
+endstream
+endobj
+29 0 obj <<
+>>stream
+<form xmlns="http://www.xfa.org/schema/xfa-form/2.6/">
+</form>
+endstream
+endobj
+30 0 obj <<
+>>stream
+</xdp:xdp>
+endstream
+endobj
+trailer
+<</Root 1 0 R>>
+%%EOF
index 9e85c1f..48547d7 100644 (file)
@@ -386,12 +386,12 @@ CXFA_Node* CXFA_SimpleParser::ParseAsXDPPacket_XDP(
           pXMLDocumentNode, XFA_GetPacketByIndex(XFA_PACKET_XDP)->pName,\r
           XFA_GetPacketByIndex(XFA_PACKET_XDP)->pURI,\r
           XFA_GetPacketByIndex(XFA_PACKET_XDP)->eFlags)) {\r
-    return NULL;\r
+    return nullptr;\r
   }\r
   CXFA_Node* pXFARootNode =\r
       m_pFactory->CreateNode(XFA_XDPPACKET_XDP, XFA_ELEMENT_Xfa);\r
   if (!pXFARootNode) {\r
-    return NULL;\r
+    return nullptr;\r
   }\r
   m_pRootNode = pXFARootNode;\r
   pXFARootNode->SetCData(XFA_ATTRIBUTE_Name, FX_WSTRC(L"xfa"));\r
@@ -408,8 +408,8 @@ CXFA_Node* CXFA_SimpleParser::ParseAsXDPPacket_XDP(
       }\r
     }\r
   }\r
-  IFDE_XMLNode* pXMLConfigDOMRoot = NULL;\r
-  CXFA_Node* pXFAConfigDOMRoot = NULL;\r
+  IFDE_XMLNode* pXMLConfigDOMRoot = nullptr;\r
+  CXFA_Node* pXFAConfigDOMRoot = nullptr;\r
   {\r
     for (IFDE_XMLNode* pChildItem =\r
              pXMLDocumentNode->GetNodeItem(IFDE_XMLNode::FirstChild);\r
@@ -423,7 +423,7 @@ CXFA_Node* CXFA_SimpleParser::ParseAsXDPPacket_XDP(
       }\r
       if (CXFA_Node* pChildNode =\r
               pXFARootNode->GetFirstChildByName(pPacketInfo->uHash)) {\r
-        return NULL;\r
+        return nullptr;\r
       }\r
       pXMLConfigDOMRoot = pChildItem;\r
       pXFAConfigDOMRoot =\r
@@ -431,8 +431,9 @@ CXFA_Node* CXFA_SimpleParser::ParseAsXDPPacket_XDP(
       pXFARootNode->InsertChild(pXFAConfigDOMRoot, NULL);\r
     }\r
   }\r
-  IFDE_XMLNode* pXMLDatasetsDOMRoot = NULL;\r
-  IFDE_XMLNode* pXMLFormDOMRoot = NULL;\r
+  IFDE_XMLNode* pXMLDatasetsDOMRoot = nullptr;\r
+  IFDE_XMLNode* pXMLFormDOMRoot = nullptr;\r
+  IFDE_XMLNode* pXMLTemplateDOMRoot = nullptr;\r
   {\r
     for (IFDE_XMLNode* pChildItem =\r
              pXMLDocumentNode->GetNodeItem(IFDE_XMLNode::FirstChild);\r
@@ -453,7 +454,7 @@ CXFA_Node* CXFA_SimpleParser::ParseAsXDPPacket_XDP(
         if (!XFA_FDEExtension_MatchNodeName(pElement, pPacketInfo->pName,\r
                                             pPacketInfo->pURI,\r
                                             pPacketInfo->eFlags)) {\r
-          pPacketInfo = NULL;\r
+          pPacketInfo = nullptr;\r
         }\r
       }\r
       XFA_XDPPACKET ePacket =\r
@@ -463,29 +464,41 @@ CXFA_Node* CXFA_SimpleParser::ParseAsXDPPacket_XDP(
       }\r
       if (ePacket == XFA_XDPPACKET_Datasets) {\r
         if (pXMLDatasetsDOMRoot) {\r
-          pXMLDatasetsDOMRoot = NULL;\r
-          return NULL;\r
+          return nullptr;\r
         }\r
         pXMLDatasetsDOMRoot = pElement;\r
       } else if (ePacket == XFA_XDPPACKET_Form) {\r
         if (pXMLFormDOMRoot) {\r
-          pXMLFormDOMRoot = NULL;\r
-          return NULL;\r
+          return nullptr;\r
         }\r
         pXMLFormDOMRoot = pElement;\r
+      } else if (ePacket == XFA_XDPPACKET_Template) {\r
+        if (pXMLTemplateDOMRoot) {\r
+          // Found a duplicate template packet.\r
+          return nullptr;\r
+        }\r
+        CXFA_Node* pPacketNode = ParseAsXDPPacket(pElement, ePacket);\r
+        if (pPacketNode) {\r
+          pXMLTemplateDOMRoot = pElement;\r
+          pXFARootNode->InsertChild(pPacketNode);\r
+        }\r
       } else {\r
         CXFA_Node* pPacketNode = ParseAsXDPPacket(pElement, ePacket);\r
         if (pPacketNode) {\r
           if (pPacketInfo &&\r
               (pPacketInfo->eFlags & XFA_XDPPACKET_FLAGS_SUPPORTONE) &&\r
               pXFARootNode->GetFirstChildByName(pPacketInfo->uHash)) {\r
-            return NULL;\r
+            return nullptr;\r
           }\r
           pXFARootNode->InsertChild(pPacketNode);\r
         }\r
       }\r
     }\r
   }\r
+  if (!pXMLTemplateDOMRoot) {\r
+    // No template is found.\r
+    return nullptr;\r
+  }\r
   if (pXMLDatasetsDOMRoot) {\r
     CXFA_Node* pPacketNode =\r
         ParseAsXDPPacket(pXMLDatasetsDOMRoot, XFA_XDPPACKET_Datasets);\r
diff --git a/xfa/src/fxfa/src/parser/xfa_parser_imp_embeddertest.cpp b/xfa/src/fxfa/src/parser/xfa_parser_imp_embeddertest.cpp
new file mode 100644 (file)
index 0000000..5a3059c
--- /dev/null
@@ -0,0 +1,15 @@
+// Copyright 2015 PDFium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "../../../../../testing/embedder_test.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+class XFAParserImpEmbeddertest : public EmbedderTest {};
+
+TEST_F(XFAParserImpEmbeddertest, Bug_216) {
+    EXPECT_TRUE(OpenDocument("testing/resources/bug_216.pdf"));
+    FPDF_PAGE page = LoadPage(0);
+    EXPECT_NE(nullptr, page);
+    UnloadPage(page);
+}
\ No newline at end of file